Monday 1 September 2014

Magic cookie

A magic cookie, or just cookie for short, is a
token or short packet of data passed between
communicating programs, where the data is
typically not meaningful to the recipient
program. The contents are opaque and not
usually interpreted until the recipient passes
the cookie data back to the sender or
perhaps another program at a later time. The
cookie is often used like a ticket – to identify
a particular event or transaction
HTTP cookie
A cookie, also known as an HTTP cookie, web
cookie, or browser cookie, is a small piece of
data sent from a website and stored in a
user's web browser while the user is
browsing that website. Every time the user
loads the website, the browser sends the
cookie back to the server to notify the
website of the user's previous activity
Cookies were designed to be a reliable
mechanism for websites to remember
stateful information (such as items in a
shopping cart) or to record the user's
browsing activity (including clicking
particular buttons, logging in, or recording
which pages were visited by the user as far
back as months or years ago).

Posted by at No comments:

30 + Hacking tools Vulnerability Scanners

1. SAINT
2. Nipper
3. Secunia PSI
4. Retina
5. MBSA
6. QualysGuard
7. GFI LanGuard
8. Nexpose
9. Core Impact
10. OpenVAS
11. Nessus
Password Cracker
12. Brutus
13. Wfuzz
14. RainbowCrack
15. SolarWinds
16. L0phtCrack
17. Medusa
18. PwDump 6
19. AirSnort
20. THC Hydra
21. John the Ripper
22. Cain and Abel
23. Aircrack
24. Ophcrack
Anonymous Tools
25. Hotspot Shield
26. AIO Secret Maker
Game Hacking Tools
27. Art Money
28. 3D Fx Zone
29. Game Booster
30. Speed Gear
31. Cheat Engine

Posted by at No comments:

Sunday 24 August 2014

Command Prompt Short Keys

F1: Pastes the last executed command
(character by character)
F2: Pastes the last executed command (up to
the entered character)
F3: Pastes the last executed command
F4: Deletes current prompt text up to the
entered character
F5: Pastes recently executed commands
(does not cycle)
F6: Pastes ^Z to the prompt
F7: Displays a selectable list of previously
executed commands
F8: Pastes recently executed commands
(cycles)
F9: Asks for the number of the command
from the F7 list to paste

Posted by at No comments:

SAAS ( Software as a service )

Software as a service is a software licensing
and delivery model in which software is
licensed on a subscription basis and is
centrally hosted. It is sometimes referred to
as "on-demand software". SaaS is typically
accessed by users using a thin client via a
web browser. SaaS has become a common
delivery model for many business
applications, including office & messaging
software, DBMS software, management
software, CAD software, development
software, gamification, virtualization,
accounting, collaboration, customer
relationship management (CRM), management
information systems (MIS), enterprise
resource planning (ERP), invoicing, human
resource management (HRM), content
management (CM) and service desk
management. SaaS has been incorporated
into the strategy of all leading enterprise
software companies. One of the biggest
selling points for these companies is the
potential to reduce IT support costs by
outsourcing hardware and software
maintenance and support to the SaaS
provider.
According to a Gartner Group estimate, SaaS
sales in 2010 reached $10 billion, and were
projected to increase to $12.1bn in 2011, up
20.7% from 2010. Gartner Group estimates
that SaaS revenue will be more than double
its 2010 numbers by 2015 and reach a
projected $21.3bn. Customer relationship
management (CRM) continues to be the
largest market for SaaS. SaaS revenue within
the CRM market was forecast to reach
$3.8bn in 2011, up from $3.2bn in 2010.
The term "software as a service" (SaaS) is
considered to be part of the nomenclature of
cloud computing, along with infrastructure as
a service (IaaS), platform as a service (PaaS),
desktop as a service (DaaS), backend as a
service (BaaS), and information technology
management as a service (ITMaaS).

Posted by at No comments:

10+ linux OS for hacking-

1. Kali Linux - http://www.kali.org/
2. BackBox - http://www.backbox.org/
3. DEFT - http://www.deftlinux.net/
4. Live Hacking OS - https://
www.livehacking.com/
5. Samurai Web Security Framework - http://
sourceforge.net/projects/samurai/
6. Network Security Tool Kit - http://
sourceforge.net/projects/nst/
7. Parrot-sec Forensic OS – http://
www.parrotsec.org/index.php/Main_Page
8. Bugtraq - http://bugtraq-team.com/
9. Nodezero - http://www.nodezero-lin
ux.org/
10. Pentoo - http://www.pentoo.ch/
11. Gnacktrack - http://www.gnacktrack.c
o.uk/

Posted by at No comments:

Monday 18 August 2014

Man in the middle attack-

The man-in-the-middle attack (MITM, MIM,
MITMA) in cryptography and computer security is a form of active eavesdropping in
which the attacker makes independent connections with the victims and relays messages between them, making them
believe that they are talking directly to each other over a private connection, when in fact
the entire conversation is controlled by the attacker.it means attacker is in between both
victim and watch thier messages.
required tool-
1. Arpspoof
2. Driftnet
3. Urlsnarf
Arpspoof:- We use it twice
1. To lie to the Gateway about the MAC
address of victim
MAC Address of Victim is that of Back-
Track’s
2. To lie to the Victim about the MAC address of Gateway
MAC Address of Gateway is that of Back-Track’s
Driftnet:- Displays the Graphics, that Victim browses over Internet

Urlsnarf:- Gives the details of URLs, that Victim visits
Steps for that attack-
1) To accomplish this we will modify the IP
Tables and turn Linux into a router.
cat /proc/sys/net/ipv4/ip_forward
2) The default value is “0”. It should be set
to 1. To change the value to 1 enter the
following command:
sudo echo 1 >> /proc/sys/net/ipv4/
ip_forward
3) Now go ahead and check out the
ip_forward file and make sure the value
equals “1”
cat /proc/sys/net/ipv4/ip_forward
4) An arp poisoning attack will redirect data
from the victim’s PC going to their gateway
to be redirected to our box (note you have to
be on the same physical device, such as a
switch or access point to accomplish this).
sudo arpspoof –i eth1 –t 192.168.1.138
192.168.1.1
5) We will now use another arp poisoning
attack to redirect data from the gateway
destined for the victim’s PC back to our
Linux box.
sudo arpspoof –i eth1 –t 192.168.1.1
192.168.1.137
6) Now we launch driftnet. It is listening.
sudo driftnet –i eth1
7) As the victim’s PC browsing the Internet,
images that show up in his web browser are
also displayed on the attacker’s Linux server.
8) The attacker PC launches urlsnarf. URLs
that are accessed on the victim’s PC are
displayed on the attacker’s Linux server

Posted by at No comments:
Subscribe to: Posts (Atom)